Validating digital content presented on a mobile device

ABSTRACT

A computer system includes a content delivery system that delivers digital content from a source to a mobile device, which in turn presents the digital content to a recipient computer system. The recipient computer system can validate that the digital content presented by the mobile device is authorized by the source of that digital content without the recipient computer system communicating with the content delivery system for such validation. Digital content presented on a mobile phone can be validated by a recipient as being authorized by a source, without a connection to a centralized database. To perform such validation, the computer system uses i) a transaction location determined at the time of a transaction based on information received from the mobile device, and ii) a time-varying, non-predictable code associated with the transaction location.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.15/200,145, filed Jul. 1, 2016, currently pending, which is anonprovisional application of U.S. Provisional Patent Application Ser.No. 62/313,847, filed Mar. 28, 2016, which are hereby incorporated byreference.

BACKGROUND

Coupons today come in two broad varieties. Generic coupons, all of whichhave a common identifier, such as a barcode number, associated withthem, and serialized or one-time-use coupons, each of which has a uniqueidentifier, such as a barcode number.

There are several advantages of generic coupons. They are easy todistribute and can be redeemed in multiple locations. For a retailer toaccept generic coupons, there is little or no change required ininformation technology infrastructure, and no requirement for areal-time connection from a retailer's point of sale system to a thirdparty system to validate the coupons. Many consumer packaged goods (CPG)companies, or manufacturers, use generic coupons because of theseadvantages. Generic coupons are typically distributed as paper coupons.A $1 off paper coupon for Tide detergent issued by Proctor and Gamble isan example of a generic coupon.

When paper versions of these generic coupons are presented to a retaileras part of transactions, the retailer collects the paper coupons,ensuring that the paper coupons cannot be used again. The retailer sendsthe paper coupons that have been redeemed through that retailer to acoupon clearing service. The coupon clearing service processes the papercoupons to determine what amount of money is owed to the retailer. Thecoupon clearing service also can transfer funds to the retailer and canassess charges to the CPG companies who issued the coupons.

This process works well for paper coupons, but does not work at all fordigital coupons for several reasons. In particular, there is nothing forthe retailer to deliver to a conventional coupon clearing service. Forexample, if a consumer presents a digital coupon on a mobile phone, theretailer has no paper version of the digital coupon to send to aconventional coupon clearing service. As a result, the retailer mayrefuse the coupon, or the retailer might not be reimbursed by themanufacturer for the discount given to the consumer. Thus, digitalcoupons are more commonly used by retailers, for use in their ownstores, and are not as commonly used by manufacturers.

The CPG companies, or manufacturers, face a similar problem. They wouldlike to be able to issue digital coupons to be used by consumers in anylocations that accept paper coupons, but they need to make sure thatthey are only reimbursing retailers for coupons that were actuallypresented by consumers, to reduce fraud by the retailer.

One way that some CPG companies have tried to use digital coupons is tohave digital coupons that time out after a short period of time. Forexample, once a consumer clicks a button to display a digital coupon ona mobile device, the digital coupon remains active for a short period oftime, such as two minutes. After that time, the digital coupon isdisabled. While using a time out on a digital coupon can ensure that thedigital coupon is presented only once, there are measures that can betaken to defeat the time out. Also, using the time out does not verifythat both a product was purchased and the digital coupon was redeemed atthe same time. Using a time out also does not address the retailer'schallenge of knowing that the retailer will be reimbursed by the CPGcompany for the digital coupon the retailer accepted, i.e., that the CPGcompany has authorized the digital coupon.

Another way for CPG companies to reduce retailer fraud, and forretailers to ensure they will be reimbursed for manufacturer coupons, isto use serialized, or one-time-use digital coupons. In the case ofserialized coupons, each coupon has its own unique identifier, usuallypresented in the form of a barcode. The unique identifier ensures thatno two coupons are alike. When the consumer presents a one-time usedigital coupon at a retailer, the retailer can check, by accessing acentralized database of active serialized coupons, to determine if thedigital coupon is valid. If the digital coupon is valid, then theretailer can accept the digital coupon, and the centralized database isupdated to indicate that the digital coupon has been redeemed. Thisprocess ensures that a) the retailer gets credit for redeeming thecoupon and b) that no one else can redeem the same coupon. The CPGcompanies know the coupon will be redeemed only once, thus reducing thelikelihood of multiple use fraud. Retailers know they also will receivepayment for the one-time use digital coupons redeemed through them.

For serialized digital coupons to work using this technique, theretailer's point of sale system has a real-time connection to thecentralized database to validate the one-time use digital coupon and toupdate the database at the time of the transaction in which the digitalcoupon is redeemed. In the case of a small merchant with merely a cashregister, there is typically no connectivity to such a centralizeddatabase. In the case of a large merchant with a sophisticated point ofsale system, the process of integration with a centralized database caninvolve customization of the point of sale system, which introducescomplexity, cost, and risk, both for installation and ongoingmaintenance, and is time consuming and expensive.

SUMMARY

This Summary introduces selected concepts in simplified form and whichare described further below in the Detailed Description. This Summary isintended neither to identify key or essential features of the claimedsubject matter, nor to limit the scope of the claimed subject matter.

A computer system includes a content delivery system that deliversdigital content from a source to a mobile device, which in turn presentsthe digital content to a recipient computer system. The recipientcomputer system can validate that the digital content presented by themobile device is authorized by the source of that digital contentwithout the recipient computer system communicating with the contentdelivery system for such validation. For example, using such a computersystem, a digital coupon presented on a mobile phone can be validated bya retailer as being authorized by a coupon issuer, such as amanufacturer, without the retailer having a point-of-sale system with aconnection to a centralized database.

To perform such validation, the computer system uses i) a transactionlocation determined at the time of a transaction based on informationreceived from the mobile device, and ii) a time-varying, non-predictablecode associated with the transaction location. The transaction locationcan be a geographic location, such as a location determined for themobile device, or an identity of a recipient, such as a retailer or aretailer's point-of-sale device or a retailer's online store, to whom orto which the digital content is presented by the mobile device.Time-varying, non-predictable codes can be associated with transactionlocations, such as geographical locations, or with identities ofpotential recipients, such as retailers, or both.

More particularly, the content delivery system has access to a servercomputer that generates time-varying non-predictable codes associatedwith potential transaction locations. The potential recipients of thedigital content also have corresponding tokens that generatecorresponding time-varying non-predictable codes. Thus, for a potentialtransaction location, there is a time-varying non-predictable code thatcan be generated both by the server, given the transaction location asan input, and by the token for the recipient at that transactionlocation.

When the content delivery system receives a request from a mobile devicefor digital content associated with a source, the content deliverysystem determines a transaction location based on information receivedfrom the mobile device. The content delivery system, using thetransaction location, accesses the server computer to obtain a currenttoken value for a token corresponding to the transaction location. Acurrent token value is generated based on the time-varyingnon-predictable code associated with the transaction location. Thecontent delivery system then sends the current token value to the mobiledevice. When the mobile device presents the digital content, thepresented digital content includes the server-generated current tokenvalue. The recipient's token at the transaction location generates acurrent token value based on the time-varying, non-predictable code thatis part of the token. The token can presents the token-generated currenttoken value on an output device associated with the token. A comparisonof the token-generated current token value and the server-generatedcurrent token value as presented by the mobile device determines whetherthe digital content is authorized by the source for presentation at thistransaction location.

Such a computer system allows the recipient to validate that the digitalcontent presented by the mobile device is authorized by the source, evenwhen the recipient's computer system is not in communication with thecontent delivery system. For example, the point of sale system, or thecashier using the point of sale system, at a retailer, which processes adigital coupon presented on a mobile device, can validate that thedigital coupon is authorized by the manufacturer by a comparison of thetoken-generated time-varying non-predictable code from the retailer'stoken with the server-generated time-varying non-predictable codepresented with the digital coupon on the mobile device.

In one implementation, to provide such functionality, a device called atoken, an example of which is a RSA SecureID token, is distributed to aretailer by a coupon issuer, such as a manufacturer of a product or acoupon delivery service. In one implementation, such a token can includea physical token with a display that presents a value (the token value)on the display. In another implementation, such a token can beintegrated into a point of sale system, such as the Square point of salesystem. In another implementation, such a token can be a computerprogram executing on a computer connected to, or implementing, the pointof sale system. In general, the token at a transaction locationgenerates a time-varying non-predictable code which matches thecorresponding time-varying non-predictable code for that transactionlocation generated by a server computer accessible to the contentdelivery system.

As an example use, when a purchaser presents a generic digital couponfor use in a transaction with a retailer, the purchaser uses anapplication on a mobile device, such as a web browser or mobile app, topresent the generic digital coupon at the retailer's point of salesystem. The application communicates with a coupon delivery system toaccess the digital coupon. The application gathers information that canbe used to determine the transaction location. For example, theapplication can access information from a global positioning system(GPS) circuit in the mobile device. As another example, the applicationcan access information from cellular network, wireless computer networkor other network connectivity information. As another example, theapplication can access other information from the environment of themobile device, such as a Bluetooth beacon placed near or at a registeror other point-of-sale device and which provides the primary locationinformation for the retailer. As another example, information, such as anumber or QR code, provided near or at the register or otherpoint-of-sale device can be input to the mobile device, such as by usinga camera or through manual input. For transactions with an online store,a uniform resource identifier or locator for the online store can beprovided. Such information obtained by the application from the mobiledevice can be used to determine the geographic location of the mobiledevice. In particular, the geographic location of the mobile device canbe determined by the application, or the application can send thisinformation to a coupon delivery system which in turn can determine thegeographic location of the mobile device.

The information from which the geographic location of the mobile devicecan be determined can be used to determine a transaction location, whichcan be, for example, a geographic location or an identifier of aphysical store or an online store. The coupon delivery system accessesinformation which associates transaction locations with tokenidentifiers, in order to identify a token(s) associated with the currenttransaction location. For example, the coupon delivery system candetermine, based on the transaction location, a token that has beenassigned to that transaction location.

If the transaction location has a token assigned to it, then the coupondelivery system can prepare to send a digital coupon to the mobiledevice, and accesses a token server with the token identifier to obtaina current token value for the token. If the transaction location doesnot have a token assigned to it, then the coupon delivery system doesnot send a digital coupon to the mobile device. The coupon deliverysystem sends the server-generated token value with the digital coupon tothe application on the mobile device, which renders an image of thedigital coupon, such as a coupon barcode, along with theserver-generated token value(s) for the token assigned to the currenttransaction location. The coupon delivery system also can mark thedigital coupon sent to the mobile device as redeemed when the coupon issent to the mobile device.

If the server-generated token value rendered with the digital couponmatches the token-generated token value displayed on the retailer'stoken, then the match validates the digital coupon. Such a comparison ofthe server-generated token value with the token-generated token valuecan be done by machine, e.g., computer. The comparison can also beperformed by a person, such as a cashier at a retailer, who simplycompares the token value on the face of the digital coupon to thecurrent token value from the retailer's token to ensure that the numbersmatch. The result of the comparison can be provided as an input to apoint-of-sale machine. The result of the comparison can be used by acashier to refuse to accept the coupon. If the tokens match, then theretailer can accept the digital coupon.

The token implements technology called a time-varying, non-predictablecode. A token generates a current token value, which changes over time.The current token value is generated using one or more predeterminedstatic variables, one or more dynamic variables such as the currenttime, and a predetermined algorithm, such as described in U.S. Pat. No.4,720,860. The current token value is generally a number in a sequenceof numbers, but which can be mapped to other data. Thus, the currenttoken value may include, for example, i) a string of numbers and/orcharacters, and/or ii) image(s), and/or iii) word(s), or similar data.Two separate computers or devices, using local information for thecurrent time and the predetermined static variable (shared by the twocomputers or devices) and the predetermined algorithm (shared by the twocomputers or devices), generate the current token value. The twonon-predictable codes generated by the two separate computers or devicesare compared to determine if there is a match. The fact that twoseparate computers or devices generate the same current token values atthe same time, which are generated based on a secret (e.g., the staticvariable and/or the predetermined time-dependent algorithm) which isboth shared between the devices and associated with a source, therecipient of the content has assurance that the content received at thetime of the transaction is authorized by the source of the content. Thecontent delivery system determines which time-varying code to use togenerate a current token value to present based on the transactionlocation determined based on information received in the request fromthe mobile device.

In one example implementation, a token that generates time-varying tokenvalues can be a SecureID token assigned to the retailer. The couponissuer or coupon delivery system also has a computer system that has thesame information as the token and generates matching time-varying tokenvalues. The coupon issuer or coupon delivery system can provide a tokenauthorized by the coupon issuer to retailers and can have a servercomputer that provides, given a transaction location such as ageographic location or an identifier of a retailer, a current tokenvalue for the token.

Such a computer system enables a retailer who redeems a digital couponpresented on a consumer's mobile device to be assured that the digitalcoupon is authorized by the coupon issuer, and that the retailer will beproperly reimbursed for the discount which the retailer gave to theconsumer. If the coupon delivery system marks a digital coupon asredeemed as soon as the digital coupon is displayed, then the CPGcompany has data indicating that the digital coupon likely was presentedby a consumer to a retailer that has a token and is authorized to redeemcoupons.

If, for some reason, the consumer does not use the coupon or if theretailer does not honor the coupon, then the consumer can enter an inputon the mobile device, such as pressing a button on a touchscreendisplaying the digital coupon, which in turn causes the application onthe mobile device to prompt the consumer to enter the current tokenvalue from the retailer's token. If the token values match, then thecoupon can be unredeemed. If the token values do not match, then thecoupon remains redeemed.

From the perspective of a CPG company, the CPG company can know how manytimes a coupon was viewed or presented for redemption in a specificphysical location and can match that information against any claims madeby the retailer for reimbursement.

From the perspective of a retailer, so long as the retailer checks toensure that a current token value from a token received from the couponissuer matches a current token value as displayed on the face of thecoupon on a mobile device, the retailer has assurance that the digitalcoupon is valid, and that the CPG company will reimburse the retailer ifthe retailer accepts the digital coupon.

The computer system also provides a simple way for a consumer to reversethe process if the retailer does not redeem the coupon. The computersystem can track such information to reduce fraud.

In one embodiment, a single retailer location with multiple cashregisters or other point of sale devices can have a set of synchronizedtokens, instead of unique tokens for each point of sale device,installed at the retailer's location so that all of the tokens displaythe same token value at any given time.

For the CPG company to increase certainty that the retailer actuallysold the individual items for which the discounts were applied, theretailer can be asked to deliver, via batch or real-time data feed, thedetails of all transactions (products purchased by the consumer) so thatthe CPG company can reconcile these details against the couponredemption records.

For the CPG company to increase certainty that the consumer was presentat the point of sale system at a retailer before the coupon was markedas redeemed, the system can require consumers to take an extra step toconfirm that the consumer interacts with the point of sale system. Inone implementation, a secondary token can be placed near the point ofsale system which displays a number or QR barcode or other value. Thevalue of the secondary token can change at regular intervals. Afterconfirming the consumer's location and obtaining a primary token valueas described above, but prior to displaying the digital coupon with theprimary token value, the application displaying the digital coupon canprompt the consumer to enter the secondary token value, such as bytaking a picture of the secondary token or by entering data indicatingthe secondary token value. The application can then connect to a serverto confirm the secondary token value for the specific location. If thereis a match with the secondary token, then the application displays thedigital coupon on the mobile device. The use of a secondary tokenensures that the consumer is present at the point of sale prior to thecoupon being marked as redeemed.

The secondary token value also can be rendered on an internet-connectedpoint of sale system and the application on the mobile device can prompta consumer to enter the secondary token value manually prior to theapplication displaying the digital coupon and the primary token value.

The secondary token value also can be a static barcode or number insteadof a barcode or number dynamically displayed by a token. In this case, aserver can simply check whether the static secondary token value wascorrect for the given physical retail location.

The secondary token also can be data exchanged via radio frequencybetween the point of sale device or other device of the retailer and themobile device (and application) displaying the coupon, for example byusing a Bluetooth beacon, NFC tag, RFID tag, or similar device. In thisimplementation, the radio frequency device exchanges data with theapplication running on the mobile device in place of the consumer takinga specific action with the secondary token. If the information receivedby the application from the radio frequency device matches the secondarytoken value expected from the token server for the specific location,then the digital coupon is displayed along with the primary token value.

The operation of the application can vary by store location, such thatthe secondary token is used in some retail locations but not in others.This implementation of the application can be useful when a digitalcoupon is issued by a retailer because, so long as the consumer is inthe retailer's store, the coupon can be validated by the primary tokenalone.

In the following description, reference is made to the accompanyingdrawings which form a part hereof, and in which are shown, by way ofillustration, specific example implementations of this technique. It isunderstood that other embodiments may be utilized and structural changesmay be made without departing from the scope of the disclosure.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an example computer system which validatesthat digital content presented on a mobile device is authorized by asource of that digital content.

FIG. 2 is an illustration of an example implementation of databasetables for associating promotions, user profiles and tokens.

FIG. 3 is a flow chart of an example implementation of a transaction.

FIG. 4 is a flow chart of an example implementation of redeeming acoupon.

FIG. 5 is a flow chart of an example implementation of unredeeming acoupon.

FIG. 6 is a block diagram of an example computer with which componentsof such a system can be implemented.

FIG. 7 is an example graphical user interface on a mobile device.

DETAILED DESCRIPTION

The following section describes an example operating environment forimplementing a computer system which validates that digital contentpresented through a computing device to a recipient is authorized by asource of that digital content. This example operating environment isdescribed in the context of delivering generic digital coupons to amobile device and presenting generic digital coupons through the mobiledevice to a point of sale computer at a retailer. It should beunderstood that such a computer system can be applied to many differenttypes of digital content that can be presented to a recipient computersystem through a mobile device, where the recipient wants to determinethat the digital content as presented is authorized by the source ofthat digital content. Further examples of such digital content include,but are not limited to generic digital coupons, serialized digitalcoupons, digital representations of loyalty cards, reward certificates,gift cards, digital tickets to venues or for travel or other placeswhere tickets are used, or digital representation of value or liability.It also should be understood that the computing device from which thedigital content is presented can be any kind of computing device throughwhich the digital content can be presented to a recipient. For example,for digital content such as digital coupons, such content can bepresented through a desktop computer while accessing an online store, inwhich case the online store is a recipient.

Referring to FIG. 1, a coupon delivery system for delivering genericdigital coupons includes a database 108. This database, an example ofwhich is described in more detail below in connection with FIG. 2,associates user profiles with promotions, such as digital coupons, andpromotion identifiers. The coupon delivery system is connected to acoupon content management system 110. The coupon content managementsystem 110 includes various media that is used to generate a renderingof an instance of a promotion, such as a digital coupon, such asgraphics, text, and the like. Such information generally is associatedwith a promotion identifier for each promotion. A coupon delivery system116 uses the database 108 to determine which instances of promotions todeliver to consumers, and their associated promotion identifiers, anduses coupon content management system 110 to provide data, such as mediaand text, to deliver with promotion identifiers to a consumer device.

The coupon delivery system 116, database 108 and coupon contentmanagement system 110 can be implemented as one or more computer systemsthat are programmed to implement the functionality such as describedherein. An example computer system that can be used is described in moredetail below in connection with FIG. 6. In addition, the database 108and coupon content management system 110 include databases ofinformation that can be implemented using storage and a databasemanagement system, such as a commercially available relational database,object-oriented database or other structured data storage system.

The database 108, coupon content management system 110 and coupondelivery system 116 can be implemented for one or more retailers ormanufacturers or other type of entity. In some implementations eachentity may have its own database 108, coupon content management system110 and content delivery system 116. Different entities may beresponsible for managing the different systems 108, 110 and 116.

The coupon content management system 110 can provide the datarepresenting coupons (such as images and text) to the coupon deliverysystem 116 over a computer network. Similarly, the database 108 can beaccessible to the coupon delivery system over a computer network.Alternatively, one or more of the systems 108, 110 and 116 can reside onthe same computer system.

As described in more detail below in connection with FIG. 2, thedatabase 108 maintains information associating promotion identifiers forpromotions with user profiles for consumers, and information aboutpromotions. Various operations can be made available in the coupondelivery system 116 to add, modify and remove associations between userprofiles, promotions and promotion identifiers, such as described inU.S. Pat. No. 9,015,277, hereby incorporated by reference.

For digital coupons, the coupon delivery system 116 can deliverdifferent digital coupons with coupon identifiers, e.g., couponidentifier #1 118 and coupon identifier #2 120, to consumer devices 122,124 (e.g., consumer #1 and consumer #2) through multiple channels, e.g.,text messaging, email, an application on a smart phone or other device,a digital payment wallet on a smart phone or other device, and socialmedia. In some implementations, a delivered instance of a digital couponhas a coupon identifier that uniquely identifies the coupon as relatedto a particular promotion and a particular consumer, and optionallyother information, and typically is rendered as a barcode on theconsumer device. However, the digital coupons also can be generic in thesense that different instances of a digital coupon delivered todifferent consumer devices include the same coupon identifiers. In theexample described below, the digital coupon can be a generic digitalcoupon because there is no communication between the point-of-saledevice and any centralized service to validate a serialized coupon.

While FIG. 1 only shows one consumer device 122, 124 per consumer, therecan be multiple consumers, each with multiple consumer devices. Eachconsumer device for a consumer can have multiple channels through whichcoupons can be delivered, and the channels available on all of theconsumer devices can be the channels available for that consumer. As anexample, a consumer may have email and web access on a desktop computer,an application and text messaging and web access on a mobile device.Such devices generally are implemented using a form of computing devicesuch as described below in connection with FIG. 6.

A consumer device that is a mobile device generally includes a source oflocation information 160 and a coupon application 162. The couponapplication 162 is a computer program running on the consumer devicethat configures the consumer device 122, 124 to communicate with thecoupon delivery system to access digital coupons through the consumerdevice and present the digital coupons at points of sale. The selectionof a digital coupon can be dependent on the location information 160.

To support validation of digital coupons or other promotions to bepresented to a retailer at a point of sale through the consumer device,each point of sale system 128 has associated with it a token 134, suchas a SecureID token, that has been given to the retailer by the couponissuer (such as a manufacturer) or coupon clearing service. This tokencan include a hardware device, or software or data delivered to acomputer including data defining a token, which is assigned to aspecific point of sale of a retailer.

Information that maps token identifiers for tokens 134 to transactionlocations to which those tokens are delivered is stored in a manneraccessible to the coupon delivery system 116 as indicated at 150. Givena transaction location 152, this information can be used to obtain oneor more token identifiers 154 corresponding to that transactionlocation.

A token generates a time-varying, non-predictable code. In other words,a token generates a current token value at intervals of time, where thatcurrent token value changes over time. The current token value isgenerated using a predetermined static variable, a time dependentdynamic variable and a predetermined algorithm. Token values mayinclude, for example, i) a string of numbers and/or characters, and/orii) image(s), and/or iii) word(s), or similar data. Two separatecomputers or devices, using local information for the current time andthe predetermined static variable (shared by the two computers ordevices) and the predetermined algorithm (shared by the two computers ordevices), generate the current token value. The two non-predictablecodes generated by the two separate computers or devices are compared todetermine if there is a match. The fact that two separate computers ordevices generate the same current token values at the same time, whichare generated based on a secret (i.e., the static variable and thepredetermined time-dependent algorithm) which is both shared between thedevices and associated with a source, the recipient of the content hasassurance that the content received at the time of the transaction isauthorized by the source of the content. The content delivery systemdetermines which time-varying code to present based on the transactionlocation determined based on information received in the request fromthe mobile device.

In one implementation, such a token 134 generates a token value at fixedintervals of time using a built-in clock and a factory-encoded seed,typically a random key associated with and unique to the token. Therandom key is different for each token. The interval can range from afew seconds to a few minutes, but for a digital coupon application wouldtypically be in the range of two (2) minutes to five (5) minutes. Therandom key for a token is loaded into a token server 170 after the tokenis delivered to a retailer. Given a current time, the token produces atoken value as a function of the random key and the current time. Thecurrent token value is generally a number in a sequence of numbers, butwhich can be mapped to other data. Thus, the current token value mayinclude, for example, i) a string of numbers and/or characters, and/orii) image(s), and/or iii) word(s), or similar data. The token server170, given a current time 172, also can generate a token value 174corresponding to each token for which it has the random key in itsdatabase. The token server 170 is used at the time a coupon is to beredeemed to generate a token value to be presented with the coupon.

An example implementation of a token server is an RSA SecureID tokenserver, modified so as to provide a current token value in response to acurrent time and a token identifier. The coupon delivery system 116provides the token server 170 with a token identifier 176, and the tokenserver provides a token value 174 for the corresponding token based oninformation in its database and given the current time 172.

When presented at the point of sale, the server-generated current tokenvalue presented with the digital coupon (702) is validated against acurrent token value generated by the token 134 at the point of sale atthe time of the transaction. In one implementation, when the couponapplication 162 requests display of a digital coupon from the coupondelivery system 116, the coupon application 162 sends data to the coupondelivery system 116, from which a transaction location is determined.Given the transaction location 152 determined from the information fromthe consumer device, the coupon delivery system determines one or moretoken identifiers 154 from the mapping information 150. The coupondelivery system 116 provides the token identifier 176 to the tokenserver 170. Given the token identifier 176 and the current time, thetoken server generates the current token value 174 corresponding to thattoken. The coupon delivery system 116 sends the server-generated currenttoken value 174 along with the digital coupon to the consumer device,and marks that digital coupon as redeemed at the current transactionlocation in the database 108.

The coupon application 162 receives the server-generated current tokenvalue and presents it along with the digital coupon to be presented, forexample by displaying the token value (702) along with, or as part of, abarcode representing the digital coupon. After instances of digitalcoupons are delivered to a consumer over the communication channels forthat consumer, the consumer can present 126 one of the instances of adigital coupon at a point of sale system 128 in connection with atransaction.

There are a variety of mechanisms through which the digital coupon andserver-generated current token value can be presented at thepoint-of-sale system 128. For example the coupon identifier for thedigital coupon can be rendered as a barcode which is presented on adisplay at the point of sale, to be read either by a machine or anindividual from the consumer device. As another example, the couponidentifier and/or server-generated token value can be conveyed to apoint of sale device through other techniques, such as radiotransmission over WiFi, Bluetooth, NFC or other connection.

At the point of sale, a determination is made whether thetoken-generated current token value 135, presented by the retailer'stoken, matches the server-generated current token value 174, presentedby the consumer device. Such a determination can be made by anindividual such as a cashier, in which case a cashier can simply informa consumer whether the coupon will or will not be accepted. Thedetermination can be made by a machine which, in response to making thedetermination, can provide an indication of the result to the cashier,consumer or program on the point of sale device. In response to an inputindicating that the token-generated current token value and theserver-generated current token value as presented on the mobile devicematch, a point of the sale device validates the digital coupon for usewith the transaction.

In some implementations, it may be useful to have multiple values forthe server-generated current token value, such as the next, in time,two, three or four token values generated by the token. This is because,by design, the token-generated current token value will be changing overtime, and thus the server-generated token value that is presented on themobile device might not match the token-generated current token valueafter a short period of time. In other words, between the time atransaction begins, and the server-generated current token value isrequested by the mobile time, and the time the content, such as thedigital coupon, is presented, the token-generated current token valuecould change to the next value. By accessing and presenting multipleserver-generated token values, e.g., the current value and next value,and/or by accessing multiple token-generated token values, e.g., theprevious value, the current value, the next value, then a transactioncan be validated by a match between any pair of server-generated tokenvalue and token-generated token value. Similarly, if the point of salesystem is connected to the token server, the point of sale system cancollect a few of the prior numbers to compare against.

After determining that a digital coupon is valid, the point of salesystem 128 can apply the promotion to the transaction. The point of salesystem 128 can collect and store information about a presented couponand the associated transaction.

A coupon clearing system 114, among other things, can process variousinformation about the redeemed coupons from the database 108, and canprovide reports of such information to various parties, for example todetermine reimbursements. The coupon clearing system 114 and thedatabase 108 may be local or remote to each other, and typically areconnected over a computer network, such as the internet or a privatewide area or local area network. They also may all reside on the samecomputer. For the present invention, it is assumed that the systems atthe point of sale, such as cash registers, computer systems and thelike, do not have direct or real-time access available to the couponclearing system for the purpose of validating whether any presentedcoupon is valid. As described above, such access may be unavailableeither due to the lack of physical or logical network connection to acoupon clearing system or the lack of integration with the couponclearing system for the purpose of validating coupons.

While FIG. 1 shows two point of sale systems, there can be manypoint-of-sale systems. A retailer can have multiple point-of-salesystems in a single location. This system accommodates any number ofretailers, with any number of locations, with any number of point ofsale systems in each location. The point of sale system generally is inthe form of a cash register, or tablet computer, or desktop computer,programmed specifically to perform purchasing transactions and trackinformation about purchasing transactions, and generally includes one ormore devices for inputting purchasing information such as a barcodescanner, credit card reader (magnetic strip reader) and the like.

The coupon clearing system 114, coupon delivery system 116 and point ofsale system 128, token server and consumer devices 122 and 124 alsotypically are implemented using one or more computing devices such asdescribed below in connection with FIG. 6, which can be furtherspecialized as described above to be computing devices with specificform factors as discussed above.

Given this context, an example implementation will be described in moredetail in connection with FIG. 2. Referring to FIG. 2, an exampleimplementation of database tables used to store information abouttokens, promotions and consumers, will now be described.

A first table 800 stores user profiles. Each user profile has a useridentifier 802 and various data fields associated with it. Such datafields, in this example, include information about a consumer such as, aname 804, address 806, city 808, zip 810, and other information 812.This example is merely illustrative and not limiting as such a databasecan have multiple structures and tables for storing various informationabout consumers.

A coupon table 840 provides information about promotions, e.g., digitalcoupons. For example, a promotion identifier 842 (also called herein anICUID, for internal coupon unique identifier) identifies a promotion.This promotion identifier is generally unique per promotion for a sourceof promotions, such as a retailer or manufacturer. Various informationabout the promotion can be stored, such as a start date 844, end date846, presentation and use information 848 and any other information 850.This example is merely illustrative and not limiting as such a databasecan have multiple structures and tables for storing various informationabout promotions.

Another table 860 associates consumers with promotions by associatingthe user identifier for the consumer with the promotion identifier orICUID for the promotion. In particular, for each promotion associatedwith a consumer there is a row that includes the user identifier 862 andthe promotion identifier 864. This table can include use and redemptiondata 866 for the promotion for the user. This example is merelyillustrative and not limiting as such a database can have multiplestructures and tables for storing information associating user profileswith promotions.

A coupon identifier table 880 then is used to associate couponidentifiers, or “coupon ID”, which can be rendered as barcodes, topromotions that are associated with consumers. In particular, the couponidentifier table associates a promotion identifier 882 (e.g., 842 intable 840) with a coupon identifier (coupon ID) 886, such as a barcode,for the instance of the coupon sent to the consumer. The couponidentifier is unique per consumer per promotion. In this exampleimplementation, the use and redemption information is tracked per userper promotion in table 860, which allows multiple instances of the samepromotion to be delivered to the same consumer with different couponidentifiers. This example is merely illustrative and not limiting assuch a database can have multiple structures and tables for storinginformation associating promotion identifiers with coupon identifiers.

The foregoing information can be stored in the database 108 andaccessible to the coupon delivery system 116.

Information about tokens (e.g., 150 in FIG. 1) can be stored in a tokeninformation table 890. This data may reside in a separate database 150or the database 108 or in another database or storage system.Preferably, such information is stored in a manner to facilitate accessto a token identifier given a location. The token information tableincludes, for each token, a token ID 892, such as its serial number, anda transaction location 898, which is data identifying a location wheretransactions occur and at which the token is located. For example thetransaction location can be data that represents a geographicallocation, or data that identifies a retailer. Other information that canbe stored includes, but is not limited to, a type 894 of the token. Thetype can indicate, for example, whether the token is unique or is partof a group of synchronized tokens at the location. Other informationthat can be stored can include a retailer ID, which is an identifier 896of the retailer to which the token has been delivered. The retailer IDcan be used to access other database tables that store information aboutretailers and their store locations. Yet other data 899 also can bestored. Such other information can include, for example, informationabout a kind of time-varying, non-predictable code used by the token.

The foregoing example is merely one way of storing information aboutusers, promotions, and tokens.

Given such an example implementation, an example implementation foroperations for delivering promotions to consumer devices to allowvalidation using tokens will now be described in connection with FIGS.3-5 and 7.

In FIG. 3, an example implementation of an overall process of a computersystem such as shown in FIG. 1, from the perspective of a consumerdevice, will now be described. This process begins at step 302 when aconsumer enters a retail location. The consumer opens the couponapplication running on a mobile phone (“mobile app”) to view an offerdescription, terms and conditions, images, etc., as indicated at step304. In this example implementation, step 304 is not location dependent.When it is time for the consumer to present the digital coupon theretailer, the consumer clicks a button at step 306 in the mobile app torequest the actual digital coupon, such as a code or barcoderepresenting the digital coupon. At 308, in response to that input, themobile app sends a signal, such as a message via the internet, to thecoupon delivery system 116.

The coupon delivery system determines whether the digital coupon isvalid and returns a value indicating the result of such a determination.For example, it may return a value for a variable “CouponValidation”which may be Null if the coupon is not valid. For example, it may returna non-null value for a variable “CouponValidation” and return a digitalcoupon, such as represented by a barcode, and a server-generated currenttoken value based on the location of the consumer device.

The determination of the validity of the digital coupon can be based onone or more factors, an example implementation of which is described inmore detail below in connection with FIG. 4. For example, the coupondelivery system can consult the database 108 to determine if the digitalcoupon has been redeemed. The coupon delivery system can determinethrough database 108, and using the location information 160 from themobile device, whether the digital coupon can be presented at theconsumer's location. The coupon delivery system also can conclude thatthe digital coupon is not valid in a particular location, and notdeliver a digital coupon, if no token can be found to correspond to thecurrent transaction location. If the coupon delivery system determinesthe digital coupon is valid, then the coupon delivery system obtains acurrent token value for a token identifier corresponding to theconsumer's current location, from the token server (170), and the coupondelivery system obtains a barcode or other representation of the digitalcoupon from the coupon content management system (110). The coupondelivery system also can mark the digital coupon as redeemed in database108.

If the coupon delivery system returns a NULL value for CouponValidation,as determined at 310, then the mobile app does not present the digitalcoupon, as indicated at 312.

If the coupon delivery system returns a non-null value forCouponValidation, as determined at 310, indicating that the digitalcoupon is valid, then the mobile app presents the digital coupon on theconsumer device, such as by displaying the barcode, as indicated at 314,along with the server-generated current token value.

If the consumer still wishes to make the purchase, as indicated at 318,the consumer device presents (320) the digital coupon at thepoint-of-sale system, along with the server-generated token value (suchas shown at 700 and 702, respectively, in the example user interface inFIG. 7), such as by placing the display of the consumer device before ascanning device, or showing the display of the consumer device to acashier. At 322, the server-generated current token value (702) from theconsumer device is compared (322) with a token-generated current tokenvalue from the retailer's token (134 in FIG. 1). Such a comparison canbe performed by the cashier. If the token-generating current token valuefrom the retailer's token 134 matches the server-generated current tokenvalue presented at 702, then, at step 326, the digital coupon isvalidated and the retailer can provide the discount to the consumer.

If, at 318, the consumer no longer wishes to make the purchase, theconsumer can initiate a process within the mobile app on the consumerdevice to mark the digital coupon as unredeemed, with the consent of theretailer. If the token values match, then the coupon can be unredeemed.If the token values do not match, then the coupon remains redeemed. InFIG. 3, the consumer, who is viewing the digital coupon (700) with thebarcode, server-generated current token value (702) and unredeem button(704), as displayed by the mobile app on the consumer device, clicks(328) on an “unredeem” button 704. In response to user input withrespect to the unredeem button, the mobile app can prompt the consumerto input a current token value from the retailer's token 134. Theconsumer requests the token-generated current token value from theretailer, and inputs 330 the value to initiate unredeeming the digitalcoupon. Further details of this example implementation of unredeeming(331) a digital coupon are described below in connection with FIG. 5. Ifunredemption is successful as indicated at 332, the process can returnto step 304 to view the offer again.

Turning now to FIG. 4, an example implementation of operation of thecoupon delivery system 116 in validating a request for a digital couponand providing a server-generated current token value with a validdigital coupon will now be described in more detail. Such a process canbe invoked, for example, in response to the coupon application on amobile device requesting a digital coupon, such as at 308 in FIG. 3.

The coupon delivery system determines, at 402, if the digital coupon hasbeen redeemed. If the digital coupon has been redeemed, it returns (404)a NULL value for “CouponValidation” and the digital coupon is notdisplayed by the consumer device. If the digital coupon has not alreadybeen redeemed, then the coupon delivery system obtains (406) theconsumer's location. If the consumer is in a location other than wherethe digital coupon can be redeemed, then the coupon delivery serverreturns (410) a NULL value for “CouponValidation”, and the digitalcoupon is not displayed by the consumer device. Otherwise, the coupondelivery system continues on to 412 and looks up an identifier for thetoken corresponding to a transaction location determined based on thelocation information received from the consumer device. For example, thecoupon delivery system can obtain a token identify using storedinformation 150. The coupon delivery system accesses (414) aserver-generated current token value for the identified token from thetoken server 170. The coupon delivery system then marks the digitalcoupon as redeemed at 416 and returns the server-generated current tokenvalue and data representing the digital coupon, such as a barcode, atstep 418 to the mobile application.

Turning now to FIG. 5, an example implementation of an operation tounredeem a coupon will now be described in more detail. Such a processcan be invoked in response to the coupon application on a mobile devicereceiving a user input with respect to the unredeem button (704) andinputting a token-generated current token value from the retailer'stoken, such as at 330 in FIG. 3.

In response to the consumer's input of the retailer's token value at 330in FIG. 3, the retailer's token value is delivered by the consumerdevice and received 502 by the coupon delivery system 116. The coupondelivery system checks whether the digital coupon is redeemed, at 504,for example by checking database 108. If the digital coupon has not beenredeemed, then the coupon delivery server will return such anindication, such as a NULL value for a “Coupon Unredeemed” variable, at506, in response to which the mobile application on the consumer devicecan take no action, or, for example, indicate to the consumer that thedigital coupon was never redeemed. If the digital coupon has beenredeemed, then, at 508, the coupon delivery system looks up anidentifier of a token corresponding to transaction location derived fromthe location information provided by the consumer device.

Continuing onto 510, the coupon delivery system obtains aserver-generated current token value corresponding to the determinedtransaction location. The coupon delivery system compares (512) thetoken-generated current token value as input by the consumer to theobtained server-generated current token value. (Alternatively, in lieuof steps 510 and 512, the coupon delivery system can provide theretailer's token value as entered by the consumer and determined tokenidentifier to the token server, which can indicate whether the enteredvalue is correct for the identified retailer token.) Generally, if thetoken values match, then the coupon can be unredeemed; if the tokenvalues do not match, then the coupon remains redeemed.

If the token values are not equal, then the coupon delivery server canreturn such an indication, such as a NULL value for the “CouponUnredeemed” variable, as indicated at 514, in response to which themobile application can take no action, or, for example, indicate thatthe coupon remains marked as redeemed. If the tokens are equal, then thecoupon delivery server marks the coupon as unredeemed, as indicated at516, and can return such an indication, such as a TRUE value for the“Coupon Unredeemed” variable, to the mobile application. In turn, themobile application can return to step 304 (the step before the couponbarcode and security code have been requested).

Such techniques also can be used in combination with a validity checkingwallet as described in U.S. Pat. No. 8,430,300. The match of the tokenvalues can be an input that allows the digital coupon to be marked asvalid and displayed by the consumer device.

In an implementation in which the retailer is using a point of salesystem that is connected to the internet or other computer network, thepoint of sale system can access a token server on the internet or othercomputer network to obtain the proper token-generated current tokenvalue for that transaction location and present the token-generatedcurrent token value directly on an output device of the point of salesystem, thereby eliminating the physically separate token delivered tothe retailer.

From the perspective of a CPG company, the CPG company can know how manytimes a coupon was viewed or presented for redemption in a specificphysical location and can match that information against any claims madeby the retailer for reimbursement.

From a retailer perspective, so long as the retailer checks to ensurethat a current token value from a token received from the coupon issuermatches a current token value as displayed on the face of the coupon ona mobile device, the retailer has assurance that the digital coupon isvalid, and that the CPG company will reimburse the retailer if theretailer accepts the digital coupon.

The computer system also provides a simple way for a consumer to reversethe process if the retailer does not redeem the coupon. The computersystem can track such information to reduce fraud.

In one embodiment, a single retailer location with multiple cashregisters or other point of sale devices can have a set of synchronizedtokens, instead of unique tokens for each point of sale device,installed at the retailer's location so that all of the tokens displaythe same token value at any given time.

For the CPG company to increase certainty that the retailer actuallysold the individual items for which the discounts were applied, theretailer can be asked to deliver, via batch or real-time data feed, thedetails of all transactions (products purchased by the consumer) so thatthe CPG company can reconcile these details against the couponredemption records.

For the CPG company to increase certainty that the consumer was presentat the point of sale system at a retailer before the coupon was markedas redeemed, the system can require consumers to take an extra step toconfirm that the consumer interacts with the point of sale system. Inone implementation, a secondary token can be placed near the point ofsale system which displays a number or QR barcode or other value. Thevalue of the secondary token can change at regular intervals. Afterconfirming the consumer's location and obtaining a primary token valueas described above, but prior to displaying the digital coupon with theprimary token value, the application displaying the digital coupon canprompt the consumer to enter the secondary token value, such as bytaking a picture of the secondary token or by entering data indicatingthe secondary token value. The application can then connect to a serverto confirm the secondary token value for the specific location. If thereis a match with the secondary token, then the application displays thedigital coupon on the mobile device. The use of a secondary tokenensures that the consumer is present at the point of sale prior to thecoupon being marked as redeemed.

The secondary token value also can be rendered on an internet-connectedpoint of sale system and the application on the mobile device can prompta consumer to enter the secondary token value manually prior to theapplication displaying the digital coupon and the primary token value.

The secondary token value also can be a static barcode or number insteadof a barcode or number dynamically displayed by a token. In this case, aserver can simply check whether the static secondary token value wascorrect for the given physical retail location.

The secondary token also can be data exchanged via radio frequencybetween the point of sale device or other device of the retailer and themobile device (and application) displaying the coupon, for example byusing a Bluetooth beacon, NFC tag, RFID tag, or similar device. In thisimplementation, the radio frequency device exchanges data with theapplication running on the mobile device in place of the consumer takinga specific action with the secondary token. If the information receivedby the application from the radio frequency device matches the secondarytoken value expected from the token server for the specific location,then the digital coupon is displayed along with the primary token value.

The operation of the application can vary by store location, such thatthe secondary token is used in some retail locations but not in others.This implementation of the application can be useful when a digitalcoupon is issued by a retailer because, so long as the consumer is inthe retailer's store, the coupon can be validated by the primary tokenalone.

It should be understood that the various implementations described abovecan be combined in various ways to enable different kinds offunctionality for validating digital content delivered to a mobiledevice using the location of the mobile device and a token correspondingto the location at which the transaction is occurring.

Having now described an example implementation, a computing environmentin which such a system is designed to operate will now be described. Thefollowing description is intended to provide a brief, generaldescription of a suitable computing environment in which this system canbe implemented. The system can be implemented with numerous generalpurpose or special purpose computing hardware configurations. Examplesof well-known computing devices that may be suitable include, but arenot limited to, personal computers, server computers, hand-held orlaptop devices (for example, media players, notebook computers, tabletcomputers, cellular phones, mobile phones, smart mobile phones, personaldata assistants, voice recorders), multiprocessor systems,microprocessor-based systems, set top boxes, game consoles, programmableconsumer electronics, network PCs, minicomputers, mainframe computers,distributed computing environments that include any of the above systemsor devices, and the like.

FIG. 6 illustrates an example of a suitable computing systemenvironment. The computing system environment is only one example of asuitable computing environment and is not intended to suggest anylimitation as to the scope of use or functionality of such a computingenvironment. Neither should the computing environment be interpreted ashaving any dependency or requirement relating to any one or combinationof components illustrated in the example operating environment.

With reference to FIG. 6, an example computing environment includes acomputing machine, such as computing machine 600. In its most basicconfiguration, computing machine 600 typically includes at least oneprocessing unit 602 and memory 604. The computing device may includemultiple processing units and/or additional co-processing units such asgraphics processing unit 620. Depending on the exact configuration andtype of computing device, memory 604 may be volatile (such as RAM),non-volatile (such as ROM, flash memory, etc.) or some combination ofthe two. This most basic configuration is illustrated in FIG. 6 bydashed line 606. Additionally, computing machine 600 may also haveadditional features/functionality. For example, computing machine 600may also include additional storage (removable and/or non-removable)including, but not limited to, magnetic or optical disks or tape. Suchadditional storage is illustrated in FIG. 6 by removable storage 608 andnon-removable storage 610. Computer storage media includes volatile andnonvolatile, removable and non-removable media implemented in any methodor technology for storage of information such as computer programinstructions, data structures, program modules or other data. Memory604, removable storage 608 and non-removable storage 610 are allexamples of computer storage media. Computer storage media includes, butis not limited to, RAM, ROM, EEPROM, flash memory or other memorytechnology, CD-ROM, digital versatile disks (DVD) or other opticalstorage, magnetic cassettes, magnetic tape, magnetic disk storage orother magnetic storage devices, or any other medium which can be used tostore the desired information at addressable physical locations fromwhich the information can read by computing machine 600. Any suchcomputer storage media may be part of computing machine 600.

Computing machine 600 may also contain communications connection(s) 612that allow the device to communicate with other devices overcommunication media. Communication media typically carries computerprogram instructions, data structures, program modules or other data ina modulated data signal such as a carrier wave or other transportmechanism and includes any information delivery media. The term“modulated data signal” means a signal that has one or more of itscharacteristics set or changed in such a manner as to encode informationin the signal, thereby changing the configuration or state of thereceiving device of the signal. By way of example, and not limitation,communication media includes wired media such as a wired network ordirect-wired connection, and media that can transmit signals wirelessly,as acoustic, RF, infrared and other signals.

Computing machine 600 may have various input device(s) 614 such as akeyboard, mouse, pen, camera, touch input device, and so on. Outputdevice(s) 616 such as a display, speakers, a printer, and so on may alsobe included. All of these devices are well known in the art and need notbe discussed at length here.

The various components in FIG. 6 are generally interconnected by aninterconnection mechanism, such as one or more buses 630.

Such a system may be implemented using software, includingcomputer-executable instructions and/or computer-interpretedinstructions, such as program modules, being processed by a set ofcomputers. Generally, program modules include routines, programs,objects, components, data structures, and so on, that, when processed bya processing unit, instruct the processing unit to perform particulartasks or implement particular abstract data types. This system may bepracticed in distributed computing environments where tasks areperformed by remote processing devices that are linked through acommunications network. In a distributed computing environment, programmodules may be located in both local and remote computer storage mediaincluding memory storage devices

It should be understood that the subject matter defined in the appendedclaims is not necessarily limited to the specific implementationsdescribed above. The specific implementations described above aredisclosed as examples only.

What is claimed is:
 1. A computer implemented process, comprising:storing, by a server computer, information in computer readable storage,the stored information associating each of a plurality of transactionlocations with different tokens that generate different time-varying,non-predictable codes, wherein each time-varying, non-predictable codeof a token is a sequence of token values generated according to secretinformation, shared between the token and the server computer, and atime-varying value, wherein a current token value at a current time is afunction of the secret information and the time-varying value based onthe current time; receiving, at a time, by the server computer, arequest from a mobile device for digital content associated with asource; in response to the request, determining, by the server computer,a transaction location, based on a geographic location of the mobiledevice at the time of the request; using the stored information,identifying, by the server computer, a token associated with thedetermined transaction location; the server computer-generating acurrent token value for the identified token associated with thetransaction location, based on the time-varying non-predictable code forthe identified token, using the secret information for the identifiedtoken stored at the server computer and a current time accessible to theserver computer; the server computer transmitting the requested digitalcontent and the server-generated current token value to the mobiledevice; the mobile device receiving, from the server computer, andpresenting, on an output of the mobile device, the digital content andthe server-generated current token value; a token at the transactionlocation generating a current token value based on the time-varying,non-predictable code of the token, using secret information stored inthe token and a current time accessible to the token; the tokenpresenting the token-generated current token value on an output deviceassociated with the token; receiving, by a computing device, an inputindicating whether the token-generated current token value as presentedon the output device matches the server-generated current token value aspresented on the output of the mobile device thereby indicating thedigital content presented on the mobile device originates from thesource; wherein the computing device does not have a computer networkconnection to a centralized database to validate that the digitalcontent presented on the mobile device originates from the source;processing, by the computing device, a transaction associated with thedigital content presented on the mobile device based on at least theinput indicating that the token-generated current token value aspresented on the output device matches the server-generated currenttoken value as presented on the output of the mobile device.
 2. Thecomputer implemented process of claim 1, wherein the server computercomprises a token server that stores the stored information associatingtransaction locations with tokens and a content delivery system thatprovides digital content, and wherein, the process comprises: thecontent delivery system receiving the request from the mobile device;the content delivery system providing the requested digital content tothe mobile device; the content delivery system determining thetransaction location; the content delivery system requesting theserver-generated current token value for the transaction location fromthe token server; and the token server generating the server-generatedcurrent token value.
 3. The computer implemented process of claim 1,wherein the token generates a token value at fixed intervals of timeusing a built-in clock and a random key associated with and unique tothe token.
 4. The computer implemented process of claim 1, wherein thestored information comprises, for each token, a token identifier, alocation, and an identifier of an entity at the location.
 5. A computersystem, comprising: a plurality of different tokens, each token locatedat a different transaction location among a plurality of transactionlocations; a plurality of computing devices, each computing devicelocated at a different transaction location among the plurality oftransaction locations and operative to process transactions at thetransaction location; a server computer, comprising at least computerreadable storage storing information associating each of the pluralityof different transaction locations with the different tokens; whereinthe different tokens generate different time-varying, non-predictablecodes, wherein each time-varying, non-predictable code of a token is asequence of token values generated based on at least secret information,shared between the token and the server computer, and a time-varyingvalue, wherein a current token value at a current time is a function ofthe secret information and the time-varying value based on the currenttime; a plurality of mobile devices configured to communicate with theserver computer and configured to request digital content from theserver computer; wherein the server computer is operative to: receive,at a time, a request from a mobile device, from among the plurality ofmobile devices, for digital content associated with a source; inresponse to the request, determine a transaction location, based on ageographic location of the mobile device at the time of the request;using the stored information, identify a token associated with thedetermined transaction location; generate a current token value for theidentified token associated with the transaction location, based on thetime-varying non-predictable code for the identified token, using thesecret information for the identified token stored at the servercomputer and a current time accessible to the server computer; transmitthe requested digital content and the server-generated current tokenvalue to the mobile device; wherein the mobile device requesting thedigital content is operative to receive, from the server computer, andpresent, on an output of the mobile device, the digital content and theserver-generated current token value; wherein the token at thetransaction location is operative to generate a current token valuebased on the time-varying, non-predictable code of the token, usingsecret information stored in the token and a current time accessible tothe token; wherein the token at the transaction location is operative tooutput the token-generated current token value on an output deviceassociated with the token; thereby allowing an individual to compare thetoken-generated current token value as presented on the output device tothe server-generated current token value as presented through the outputof the mobile device to determine whether the token-generated currenttoken value as presented on the output device matches theserver-generated current token value as presented through the output ofthe mobile device thereby indicating the digital content presented onthe mobile device originates from the source; wherein the computingdevice at the transaction location is operative to receive an inputindicating whether the token-generated current token value as presentedon the output device matches the server-generated current token value aspresented on the output of the mobile device thereby indicating thedigital content presented on the mobile device originates from thesource; wherein the computing device at the transaction location isoperative to process a transaction associated with the digital contentpresented on the mobile device based on at least the input indicatingthat the token-generated current token value as presented on the outputdevice matches the server-generated current token value as presented onthe output of the mobile device; and wherein the plurality of computingdevices do not have a computer network connection to a centralizeddatabase to validate that digital content presented on the plurality ofmobile devices originates from a source.
 6. The computer system of claim5, wherein the server computer comprises: a token server that stores thestored information associating transaction locations with tokens andoperative to generate a current token value for a token associated witha transaction location; and a content delivery system operative toreceive the request from the mobile device, to provide the requesteddigital content, and to determine the transaction location, and torequest the server-generated current token value for the transactionlocation from the token server.
 7. The computer system of claim 5,wherein each token in the plurality of tokens generates a token value atfixed intervals of time using a built-in clock and a random keyassociated with and unique to the token.
 8. The computer system of claim5, wherein the stored information comprises, for each token, a tokenidentifier, a location, and an identifier of an entity at the location.9. A computer system, comprising: a plurality of different tokens, eachtoken located at a different transaction location among a plurality oftransaction locations; a plurality of computing devices, each computingdevice located at a different transaction location among the pluralityof transaction locations and operative to process transactions at thetransaction location; a server computer, comprising at least computerreadable storage storing information associating each of the pluralityof different transaction locations with the different tokens; whereinthe different tokens generate different time-varying, non-predictablecodes, wherein each time-varying, non-predictable code of a token is asequence of token values generated based on at least secret information,shared between the token and the server computer, and a time-varyingvalue, wherein a current token value at a current time is a function ofthe secret information and the time-varying value based on the currenttime; a plurality of mobile devices configured to communicate with theserver computer and configured to request digital content from theserver computer; wherein the server computer is operative to: receive,at a time, a request from a mobile device, from among the plurality ofmobile devices, for digital content associated with a source; inresponse to the request, determine a transaction location, based on ageographic location of the mobile device at the time of the request;using the stored information, identify a token associated with thedetermined transaction location; generate a current token value for theidentified token associated with the transaction location, based on thetime-varying non-predictable code for the identified token, using thesecret information for the identified token stored at the servercomputer and a current time accessible to the server computer; transmitthe requested digital content and the server-generated current tokenvalue to the mobile device; wherein the mobile device requesting thedigital content is operative to receive, from the server computer, andpresent, to an individual through an output of the mobile device, thedigital content and the server-generated current token value; whereinthe token at the transaction location is operative to generate a currenttoken value based on the time-varying, non-predictable code of thetoken, using secret information stored in the token and a current timeaccessible to the token; wherein the token at the transaction locationis operative to present, to the individual, the token-generated currenttoken value on an output device associated with the token therebyallowing an individual to compare the token-generated current tokenvalue as presented on the output device to the server-generated currenttoken value as presented through the output of the mobile device todetermine whether the token-generated current token value as presentedon the output device matches the server-generated current token value aspresented through the output of the mobile device thereby indicating thedigital content presented on the mobile device originates from thesource; wherein the computing device at the transaction location isoperative to process a transaction associated with the digital contentpresented on the mobile device in response to an input from theindividual after the token-generated current token value and to theserver-generated current token value are presented to the individual;and wherein the plurality of computing devices do not have a computernetwork connection to a centralized database to validate that digitalcontent presented on the plurality of mobile devices originates from asource.
 10. The computer system of claim 9, wherein the server computercomprises: a token server that stores the stored information associatingtransaction locations with tokens and operative to generate a currenttoken value for a token associated with a transaction location; and acontent delivery system operative to receive the request from the mobiledevice, to provide the requested digital content, and to determine thetransaction location, and to request the server-generated current tokenvalue for the transaction location from the token server.
 11. Thecomputer system of claim 9, wherein each token in the plurality oftokens generates a token value at fixed intervals of time using abuilt-in clock and a random key associated with and unique to the token.12. The computer system of claim 9, wherein the stored informationcomprises, for each token, a token identifier, a location, and anidentifier of an entity at the location.